package com.piotrs10.bsk.dao;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

public class LoginDao extends BaseDao {
	private final String USER_AND_PASSWORD_QUERY = "SELECT login, haslo FROM uzytkownik WHERE login = ? AND haslo = ?";

	public boolean canAccess(String username, String password) {
		// TODO: haslo jako sha1 zlozone z loginu i hasla w formacie
		// "loginhaslo"
		boolean result = false;
		Connection connection = this.getConnection();
		PreparedStatement statement = null;
		try {
			statement = connection
					.prepareStatement(this.USER_AND_PASSWORD_QUERY);
			statement.setString(1, username);
			statement.setString(2, password);
			ResultSet set = statement.executeQuery();
			String readlogin = null;
			String readPassword = null;
			while (set.next()) {
				readlogin = set.getString(1);
				readPassword = set.getString(2);
			}
			if (readlogin != null && readPassword != null) {
				result = true;
			}
		} catch (SQLException e) {
			System.err.println(e.getMessage());
		} finally {
			if (statement != null) {
				try {
					statement.close();
				} catch (SQLException e) {
					System.err.println(e.getMessage());
				}
			}
			if (connection != null) {
				try {
					connection.close();
				} catch (SQLException e) {
					System.err.println(e.getMessage());
				}
			}
		}
		return result;

	}
}
